[Resolved] Ccleaner/ Redirect problem...

So I am currently working my way through the 8 step guide for malware removal, and at step 2, regarding the use of CCleaner, I'm unsure what this will actually do. I looked at the summary results, and in the Windows Explorer - Recent Documents tab there are about 190 files that it suggests I delete... Now, will this delete the actual file? For example, a Word doc that is listed there? There are a few listed that I need to keep or that belong to the other user of this computer.

Also, I saw another thread that suggested not using CCleaner at all... What's my best option?

Also, I may as well add what I have in the way of logs.
I'm not the only user of this computer. My dad is the primary user, as well as my brother, who started using it in the last couple of weeks, and that's when I started noticing problems, more so in the last 2 or 3 days, mostly with Google redirecting and opening up a new window when a search item is clicked.

Also, I have yet to run CCleaner fully as I am unsure what precautions to take.

It will close all programs itself when run; make sure to let it run uninterrupted.

Click the Start button to begin the process. The program should not take long to finish its job.

Once it's finished it should reboot your machine. If not, do this yourself to ensure a complete clean.

TFC only cleans temp folders. TFC will not clean URL history, prefetch, or cookies. Depending on how often someone cleans their temp folders, their system hardware, and how many accounts are present, it can take anywhere from a few seconds to a minute or more. TFC will completely clear all temp files where other temp file cleaners may fail. TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.

TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.

With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.

Important! Save the renamed download to your desktop.

Please disable all security programs, such as antiviruses, antispywares, and firewalls.

Double-click on the setup file on the desktop to run it.

If prompted to download and install the Recovery Console, please do so.
(Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.)

If prompted to update, please allow.

Click on Yes, to continue scanning for malware.

When finished, it will produce a log. Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings.
3. ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run.


Leave the ComboFix report on your next reply. There is evidence of an autorun infection. I'll check the logs while you do that.

I tried to save ComboFix as Combo-Fix(.exe) but after it seemed to be running for a while it stopped and came up with a warning about ComboFix not being affiliated with a couple of sites and asked if I wanted to continue. Then it stated I could not change the name to Combo-Fix(.exe) and to try another name using alphanumeric characters.

I ran ComboFix and it rebooted my comp twice. After the second reboot it came up saying it was preparing a log report but it now seems to have stalled. The window with that message is still up and nothing is happening....

Regarding ComboFix: my computer shut down. So I started it back up and Google seems to be running OK now. Also, my antivirus has downloaded its update, which I wasn't able to do before, and Windows Installer is updating automatically now too. I looked for a log report for CF but could not find one.

Renamed it when I first installed it and it stopped running and said it couldn't be renamed. When it stopped I double-clicked the icon again and it ran. It was after the second reboot, after it deleted files and was preparing the log, that everything seemed to freeze.

So I tried to download CF again, renaming it as Combo-Fix(.exe) before download, and when I click to start it, it says it cannot be renamed as this and to try renaming it something else using alphanumeric characters, and it changes its name back to ComboFix on the desktop....

You're bumping the thread because I haven't finished you in a day???! I help others also - did you think otherwise?

Do NOT bump this thread again unless 72 hours have passed with no reply.

YO, I didn't mean anything by bumping the thread. I'm fully aware that you help others on this forum. I don't expect to be helped, finished or anything in a day or less or a week or more. I'm completely grateful for the help you offer and are giving... It was nothing more than a friendly bump... didn't mean to piss you off in any way. 72 hours it is.....

Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.

Click the red Moveit! button.

A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.

Close OTMoveIt3

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Since this is your dad's computer, he may want to handle this:
DNS Changer
You will need to do a DNS Flush, then reset your router.
Start > Run > type cmd > Enter > at the C prompt type ipconfig /flushdns (note space before the /)

Exit the Command prompt when finished and shut the system down.

[1]. Shut down your computer, and any other computer connected to your router.
[2]. On the back of the router, there should be a small hole or button labelled RESET. Using a bent paper clip or similar item, hold that in continuously for twenty seconds.
[3]. Unplug the router. Wait sixty seconds.
[4]. Now, holding the reset button again, plug it back in. Continue holding the reset button for twenty seconds. Unplug the router again.
[5]. With the router unplugged, start your computer. Run MBAM again.
[6]. Connect to the router again. Then turn the router back on.
[7]. When it stabilizes, reboot your workstation and try to access the internet. If you have any issues, access the Router configuration page and re-enter your authentication information.
[8]. Reboot the system and test the internet. You may have to reconfigure the router settings based on your setup.
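
A way to confirm the DNS settings after the flush and router reset described in the post above, as an added example that is not part of the original thread: it parses `ipconfig /all` output and lists any DNS server that is not in a set you expect. The sample output, all addresses, and the function names are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output; addresses are placeholders.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Example NIC
   IP Address. . . . . . . . . . . . : 192.168.1.20
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       192.168.1.1
   Lease Obtained. . . . . . . . . . : (constructed)
"""

def _ip(token):
    """Return the token as a normalised IP string, or None if it is not one."""
    try:
        return str(ipaddress.ip_address(token.split("%")[0]))
    except ValueError:
        return None

def dns_servers(ipconfig_text):
    """Map each adapter heading to the DNS servers listed under it."""
    found, adapter, in_dns = {}, None, False
    for line in ipconfig_text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            adapter, in_dns = line.rstrip().rstrip(":"), False
            found[adapter] = []
            continue
        first = re.match(r"\s+DNS Servers[ .]*:\s*(\S*)\s*$", line)
        # Extra servers appear on continuation lines holding only an address.
        more = re.fullmatch(r"\s+(\S+)\s*", line) if in_dns else None
        token = (first or more).group(1) if (first or more) else None
        in_dns = bool(first or more)
        if adapter and token and _ip(token):
            found[adapter].append(_ip(token))
    return found

def unexpected_dns(ipconfig_text, expected):
    """List (adapter, server) pairs whose server is not in `expected`."""
    allowed = {_ip(e) for e in expected}
    return [(a, s) for a, servers in dns_servers(ipconfig_text).items()
            for s in servers if s not in allowed]

if __name__ == "__main__":
    # Assumption: the router at 192.168.1.1 is the only resolver you expect.
    for adapter, server in unexpected_dns(SAMPLE_IPCONFIG, {"192.168.1.1"}):
        print(f"{adapter}: unexpected DNS server {server}")
```

Feed it the text saved from `ipconfig /all` on the affected machine and the resolver addresses your router or ISP actually hands out.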